3c0fe521f6a9cfbfabc1f27a1a64dfc081a63aaaf2a6ce8cd831f6251ee85816

Resubmissions

18-03-2024 13:43

240318-q1nhlaag4w 10

Sharing

Copy URL

Twitter E-mail

General

Target

3c0fe521f6a9cfbfabc1f27a1a64dfc081a63aaaf2a6ce8cd831f6251ee85816
Size

947KB
MD5

39217b125403ff7c755622ef9bbef974
SHA1

9fc607b7c17919c83999bdd119e9cd6bf413101a
SHA256

3c0fe521f6a9cfbfabc1f27a1a64dfc081a63aaaf2a6ce8cd831f6251ee85816
SHA512

1252ea94931eaf4426ca1eb94a070645238775c447a09286109fe894c569de29ca502882a0fa34e97e09109c43c486a3aa32081e3a3afef0b6557db59c71fc50
SSDEEP

12288:3+Zn/gJtKaNIBpB+iMMOD30ZnZ47m0T3JF9j3GOF0l7B2FzqL2aZa7rf58bs:3+RYeaNILZi/JDLG60y1aZvs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c0fe521f6a9cfbfabc1f27a1a64dfc081a63aaaf2a6ce8cd831f6251ee85816

Files

3c0fe521f6a9cfbfabc1f27a1a64dfc081a63aaaf2a6ce8cd831f6251ee85816
.exe windows:5 windows x86 arch:x86

c0cf0052bc809c1335de5569fdee9950

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
DecodePointer
HeapFree
GetACP
GetModuleHandleExW
ExitProcess
WideCharToMultiByte
MultiByteToWideChar
GetModuleFileNameA
WriteFile
LCMapStringW
SetStdHandle
GetFileType
GetStringTypeW
HeapSize
HeapReAlloc
GetCommandLineW
GetConsoleCP
GetStdHandle
EncodePointer
Process32Next
Process32First
SetLastError
GetModuleFileNameW
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
RtlUnwind
CreateToolhelp32Snapshot
SetConsoleTitleA
CreateTimerQueue
CreateFileW
LoadLibraryA
MulDiv
CreateTapePartition
CloseHandle
CreateIoCompletionPort
GetLastError
GetProcessHeap
HeapAlloc
HeapCreate
RaiseException
TerminateProcess
GetCurrentProcess
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcAddress
FlushFileBuffers
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
GetConsoleMode
SetFilePointerEx
WriteConsoleW
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection

user32

PostQuitMessage
DefWindowProcA
SendMessageA
DispatchMessageA
CreateWindowExA
ShowWindow
IsWindowVisible
GetDlgItem
CheckDlgButton
IsDlgButtonChecked
SendDlgItemMessageA
SetFocus
TranslateMessage
RegisterClassA
wsprintfA
DrawFrameControl
RealChildWindowFromPoint
DefMDIChildProcA
LoadCursorA
LoadBitmapA
GetWindow
FindWindowExA
SetWindowLongA
GetWindowLongA
PtInRect
OffsetRect
InvertRect
DrawFocusRect
GetSysColorBrush
GetSysColor
MessageBoxA
SetWindowTextA
GetScrollRange
RedrawWindow
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
DeleteMenu
GetSystemMenu
GetSystemMetrics
GetFocus
GetMessageA

gdi32

SetWindowExtEx
MoveToEx
SetTextJustification
SetTextAlign
SetBkMode
SelectObject
Rectangle
LineTo
GetTextExtentPoint32A
GetTextAlign
GetStockObject
GetDeviceCaps
DeleteObject
CreateSolidBrush
CreatePen
CreateFontA

advapi32

SystemFunction036
AllocateAndInitializeSid
GetSidIdentifierAuthority
GetSidSubAuthorityCount
IsValidSid

shell32

SHBrowseForFolderA

ole32

CLSIDFromString
CoInitialize

ws2_32

WSAStartup
shutdown
closesocket
WSASocketA

netapi32

NetShareGetInfo

avifil32

AVIStreamStart
AVIStreamRelease
AVIFileGetStream
AVIStreamLength
AVIFileOpenA
AVIFileRelease
AVIFileExit
AVIFileInit
AVIStreamGetFrameOpen
AVIStreamGetFrame
AVIStreamGetFrameClose
AVIFileInfoA

msacm32

acmFormatEnumA
acmFormatTagDetailsA
acmMetrics

winmm

mmioAscend

iphlpapi

GetInterfaceInfo
GetIfTable
GetIfEntry

shlwapi

StrChrA
AssocCreate

comctl32

ImageList_AddMasked
ImageList_GetImageCount
ImageList_Create

wintrust

CryptCATAdminAcquireContext
CryptCATAdminEnumCatalogFromHash
CryptCATAdminReleaseContext

rpcrt4

UuidHash

setupapi

SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupDiCallClassInstaller
SetupDiSetClassInstallParamsA

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 840KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

c0cf0052bc809c1335de5569fdee9950

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

ws2_32

netapi32

avifil32

msacm32

winmm

iphlpapi

shlwapi

comctl32

wintrust

rpcrt4

setupapi

Sections

.text Size: 65KB - Virtual size: 65KB

.rdata Size: 31KB - Virtual size: 30KB

.data Size: 2KB - Virtual size: 6KB

.text Size: 5KB - Virtual size: 5KB

.gfids Size: 512B - Virtual size: 300B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 840KB - Virtual size: 1.7MB

.text
Size: 65KB - Virtual size: 65KB

.rdata
Size: 31KB - Virtual size: 30KB

.data
Size: 2KB - Virtual size: 6KB

.text
Size: 5KB - Virtual size: 5KB

.gfids
Size: 512B - Virtual size: 300B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 840KB - Virtual size: 1.7MB